Table Of Contents

Considerations When Accessing Data from Web Services

Last Modified: October 2, 2018

If you want to create a web application that sends requests to and receives responses from a web service, you must be aware of the origin of the web service that hosts the web application as well as the origin of the target web service.

For example, a web application hosted at http://localhost:8080/Demo/MyExample.html has the origin http://localhost:8080. A server origin contains three parts:

Part Definition Example
Scheme Protocol the web service uses. http://
Host Domain name or IP address of the service. localhost
Port TCP port of the web service. If you don't specify a port, the web service uses the default port. 8080

Once you know the origin of the host web service and the target web service, determine whether requests from the web application to the target web service will be same-origin requests or cross-origin requests. If both origins are identical, requests from the web application to the web service are same-origin requests. If there is any difference between the two origins, requests from the web application to the web service are cross-origin requests.

Browsers running web applications do not impose restrictions on same-origin requests. Web applications that perform cross-origin requests are subject to the Cross-Origin Resource Sharing (CORS) mechanism. By default, a web browser blocks all cross-origin requests made to a target web service that is not configured to support CORS.

spd-note-note
Note  

WebVIs that execute in the development environment are hosted using an embedded web service with an origin of http://localhost:<port>. The port is assigned by your operating system based on availability and varies between instances of the development environment. Other web services do not share the origin of a WebVI executing in the development environment. Any HTTP request made by a WebVI executing in the development environment that does not target a user resource is considered a cross-origin request and is subject to the CORS mechanism.


Recently Viewed Topics